| Virtual Private Networks claim to solve | | | | Authentication are three aspects most |
| majority of the security problems faced | | | | discussed with respect to a VPN |
| by the enterprises. Most of the issues | | | | technology. Protecting the Privacy of |
| were related to secure data transfer | | | | information requires some sort of |
| over the public internet. The internets | | | | encryption. Private Key encryption and |
| greatest asset is ubiquity and openness | | | | Public Key encryption methods are the |
| but this is its greatest weakness as | | | | most common methods available presently. |
| well. VPN seems to have been a solution | | | | Private key encryption is a bit |
| to the weakness. | | | | problematic as the key has to be sent |
| Many technologies have come up and claim | | | | over the internet. Public key systems |
| to be VPN technologies: SSL VPN, MPLS | | | | provide communication between unsecured |
| VPN to name some. Some basic questions | | | | systems and even provide means to |
| are how do we define VPN ? Why do we | | | | exchange of private keys. The |
| need a VPN and what are the technologies | | | | disadvantage of a public key encryption |
| used in deploying VPN? | | | | system is that it requires more |
| Organizations in the past deployed | | | | computation. A balance between the two |
| private networks like LAN or WAN for | | | | is the best solution. The DES secret |
| their mission critical applications. A | | | | key algorithm and Diffie-Hellman public |
| performance predictable and secure | | | | key algorithm can be used in |
| infrastructure was the end result. A | | | | conjunction. The DES can be used to |
| growing number of businesses cannot | | | | encrypt the traffic and the |
| afford setting up a private network and | | | | Diffie-Hellman to produce the secret |
| existing networks had to reach out to | | | | key. |
| customers to gain a market edge. This is | | | | Information should not be altered during |
| the area where the internet scores its | | | | the transit over the internet. Integrity |
| points. Networking basics still present | | | | is ensured using one-way hash function |
| a few bottlenecks. Bandwidth | | | | or Message authentication codes (MAC) or |
| constraints, security problems due to | | | | even digital signatures. |
| increased exposure, threats like | | | | Authentication is ensuring the identity |
| spoofing, session hijacking, sniffing | | | | of the opposite party in a communication |
| and man-in-the-middle attacks have | | | | process. Password protection or digital |
| exposed data in transit. | | | | signatures (X.509 standard) are an ideal |
| Considering business factors and the | | | | method. The process is a complex system |
| risk factors and it may frighten you. A | | | | of key generation, certification, |
| new technology has brought the risks | | | | revocation and management. All this is a |
| down for data transit on the internet. | | | | part of a PKI: public key |
| Virtual Private Networks as it is called | | | | infrastructure. |
| follows encryption and tunneling for the | | | | Protocols |
| secure transfer of data between two | | | | Separate technologies can be used to |
| ends. It extends trust relationships | | | | provide confidentiality integrity and |
| across the cheaper public network. | | | | authentication. Three widely used VPN |
| Security and predictable performances | | | | security protocols are. |
| are a part of this technology. | | | | - IPSec Protocol |
| Its uses are | | | | - Tunneling protocols (PPTP:Point to |
| - Remote users and tele-workers | | | | Point tunneling protocol, L2TP: Layer2 |
| connecting to their corporate server | | | | Tunneling protocol ) |
| securely. | | | | - Socks5 |
| - Linking the offices in an enterprise | | | | Services |
| network | | | | Many managed VPN services offer Quality |
| - Organizations making their e-commerce | | | | of Service guarantees, which can be an |
| solutions better by extending | | | | excellent choice for site-to-site |
| infrastructure to include partners, | | | | connectivity. VPN is an end to end |
| suppliers and customers. | | | | communication solution and it cannot |
| Variety of Technologies | | | | effect the performance of the middle |
| VPN technology has been around for | | | | network and components. This is the |
| quite sometime. Present and future of | | | | reason for the QoS guarantees which are |
| VPN depend on emerging standards that | | | | basically a marketing gimmick by the |
| have made it secure and reliable. VPN is | | | | ISP. Each ISP has control over its |
| deployed and marketed more every passing | | | | network only and not the entire internet |
| day. Some products are emerging | | | | which makes the QoS flawed. Mission |
| standards while the old are for specific | | | | critical performances are still to be |
| requirements. Each product and | | | | realized but security has to an extent |
| technology has it respective strengths | | | | been mitigated. |
| and weakness. Choosing the technology | | | | Author:vpntools.com, presents a secure |
| depends on how the problems are | | | | alternative to the problems faced on the |
| addressed and what will be the future | | | | internet. Networking Basics , Future |
| trends of the present technology. | | | | of VPN, etc ..... are a few of the |
| Security is the present focus of most | | | | topics that could interest you. |
| VPN technologies. | | | | Completer end to end security is |
| Confidentiality, Integrity and | | | | achievable and you could find it here. |